Jump to content

Search the Community

Showing results for tags 'hot topic'.

  • Search By Tags

    Type tags separated by commas.

  • Search By Author

Content Type


Forums

  • General
    • General Discussion
    • Artificial Intelligence
    • DevOpsForum News
  • DevOps & SRE
    • DevOps & SRE General Discussion
    • Databases, Data Engineering & Data Science
    • Development & Programming
    • CI/CD, GitOps, Orchestration & Scheduling
    • Docker, Containers, Microservices, Serverless & Virtualization
    • Infrastructure-as-Code
    • Kubernetes & Container Orchestration
    • Linux
    • Logging, Monitoring & Observability
    • Security, Governance, Risk & Compliance
  • Cloud Providers
    • Amazon Web Services
    • Google Cloud Platform
    • Microsoft Azure

Find results in...

Find results that contain...


Date Created

  • Start

    End

Last Updated

  • Start

    End

Filter by number of...

Joined

  • Start

    End

Group

Website URL

LinkedIn Profile URL

About Me

Cloud Platforms

Cloud Experience

Development Experience

Current Role

Skills

Certifications

Favourite Tools

Interests

Found 1 result

  1. TechRadar
    Hot Topic customer may have been victims of a cyberattack when unknown actors tried to log into their accounts, the company has confirmed. In a breach notification letter sent to its customers, which was later picked up by BleepingComputer, the clothing store said that unidentified threat actors engaged in credential stuffing on November 18-19, and November 25, last year. With credential stuffing, an attacker tries a large number of username/password combinations against a service, until one combination works. Automation is usually deployed to speed the process up. User data taken According to Hot Topic, certain Hot Topic Rewards accounts were accessed during that time (the company didn’t specify how many), prompting the subsequent investigation. The company doesn’t know who the attackers are, or if they even managed to log into a noteworthy number of accounts. They also said they don’t know where the attackers got the login credentials from, but are certain they didn’t get it from Hot Topic. The breach notification letter was sent “out of an abundance of caution”. If the threat actors did manage to log into an account, they would have been able to obtain the user’s full name, email address, order history, month and day of birth, and mailing address. Not a lot, but still enough to run some forms of phishing or identity theft attacks. Compromised users who saved their credit card details on the platform shouldn’t worry too much, as just the last four digits of the card were visible, the company concluded. Hot Topic has since reset user passwords, and deployed counter-measures to protect both the website, and the app, from credential stuffing attacks. External cybersecurity experts were also brought in, the company concluded. Hot Topic has more than 600 stores in the US and Canada, employing more than 10,000 people. More from TechRadar Pro What is credential stuffing, and how does it work?Here's a list of the best firewalls around todayThese are the best endpoint security tools right now View the full article

  • Forum Statistics

    44.8k
    Total Topics
    44.5k
    Total Posts
×
×
  • Create New...